forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/drivers/md
History
Jonathan Brassow c7f14122d1 dm log: userspace fix overhead_size calcuations 
commit ebfd32bba9 upstream.

This patch fixes two bugs that revolve around the miscalculation and
misuse of the variable 'overhead_size'.  'overhead_size' is the size of
the various header structures used during communication.

The first bug is the use of 'sizeof' with the pointer of a structure
instead of the structure itself - resulting in the wrong size being
computed.  This is then used in a check to see if the payload
(data_size) would be to large for the preallocated structure.  Since the
bug produces a smaller value for the overhead, it was possible for the
structure to be breached.  (Although the current users of the code do
not currently send enough data to trigger this bug.)

The second bug is that the 'overhead_size' value is used to compute how
much of the preallocated space should be cleared before populating it
with fresh data.  This should have simply been 'sizeof(struct cn_msg)'
not overhead_size.  The fact that 'overhead_size' was computed
incorrectly made this problem "less bad" - leaving only a pointer's
worth of space at the end uncleared.  Thus, this bug was never producing
a bad result, but still needs to be fixed - especially now that the
value is computed correctly.

Signed-off-by: Jonathan Brassow <jbrassow@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-02-23 07:37:58 -08:00
..
raid6test md: drivers/md/unroll.pl replaced with awk analog 2009-10-16 16:25:19 +11:00
.gitignore
bitmap.c md/bitmap: protect against bitmap removal while being updated. 2009-12-18 14:04:11 -08:00
bitmap.h md/bitmap: protect against bitmap removal while being updated. 2009-12-18 14:04:11 -08:00
dm-bio-record.h dm: preserve bi_io_vec when resubmitting bios 2009-04-02 19:55:23 +01:00
dm-crypt.c dm crypt: make wipe message also wipe essiv key 2009-12-18 14:05:04 -08:00
dm-delay.c dm table: pass correct dev area size to device_area_is_valid 2009-07-23 20:30:42 +01:00
dm-exception-store.c dm exception store: free tmp_store on persistent flag error 2009-12-18 14:04:59 -08:00
dm-exception-store.h dm snapshot: use unsigned integer chunk size 2009-10-16 23:18:17 +01:00
dm-io.c dm io: retry after barrier error 2009-06-22 10:12:26 +01:00
dm-ioctl.c dm: avoid _hash_lock deadlock 2009-12-18 14:05:02 -08:00
dm-kcopyd.c dm kcopyd: fix callback race 2009-04-09 00:27:17 +01:00
dm-linear.c dm table: pass correct dev area size to device_area_is_valid 2009-07-23 20:30:42 +01:00
dm-log-userspace-base.c dm log: userspace fix incorrect luid cast in userspace_ctr 2009-10-16 23:18:15 +01:00
dm-log-userspace-transfer.c dm log: userspace fix overhead_size calcuations 2010-02-23 07:37:58 -08:00
dm-log-userspace-transfer.h dm log: userspace add luid to distinguish between concurrent log instances 2009-09-04 20:40:34 +01:00
dm-log.c dm log: fix create_log_context to use logical_block_size of log device 2009-06-22 10:12:33 +01:00
dm-mpath.c [SCSI] scsi_dh: Use scsi_dh_set_params() in multipath. 2009-08-22 17:52:15 -05:00
dm-mpath.h dm mpath: remove is_active from struct dm_path 2008-10-10 13:36:58 +01:00
dm-path-selector.c dm: path selector use module refcount directly 2009-04-02 19:55:27 +01:00
dm-path-selector.h dm mpath: add start_io and nr_bytes to path selectors 2009-06-22 10:12:27 +01:00
dm-queue-length.c dm mpath: add queue length load balancer 2009-06-22 10:12:27 +01:00
dm-raid1.c bio: first step in sanitizing the bio->bi_rw flag testing 2009-09-11 14:33:31 +02:00
dm-region-hash.c dm raid1: keep retrying alloc if mempool_alloc failed 2009-06-22 10:12:13 +01:00
dm-round-robin.c dm mpath: add start_io and nr_bytes to path selectors 2009-06-22 10:12:27 +01:00
dm-service-time.c dm mpath: add service time load balancer 2009-06-22 10:12:28 +01:00
dm-snap-persistent.c dm snapshot: use unsigned integer chunk size 2009-10-16 23:18:17 +01:00
dm-snap-transient.c dm snapshot: move status to exception store 2009-04-02 19:55:35 +01:00
dm-snap.c dm snapshot: cope with chunk size larger than origin 2009-12-18 14:05:02 -08:00
dm-stripe.c dm stripe: avoid divide by zero with invalid stripe count 2010-02-23 07:37:58 -08:00
dm-sysfs.c dm: sysfs add suspended attribute 2009-06-22 10:12:29 +01:00
dm-table.c DM: Fix device mapper topology stacking 2010-01-25 10:49:41 -08:00
dm-target.c dm target: remove struct tt_internal 2009-04-02 19:55:28 +01:00
dm-uevent.c dm: avoid _hash_lock deadlock 2009-12-18 14:05:02 -08:00
dm-uevent.h
dm-zero.c dm: consolidate target deregistration error handling 2009-01-06 03:04:58 +00:00
dm.c dm: dec_pending needs locking to save error value 2009-10-16 23:18:15 +01:00
dm.h dm: remove queue next_ordered workaround for barriers 2009-07-23 20:30:40 +01:00
faulty.c md: Move check for bitmap presence to personality code. 2009-06-18 08:49:23 +10:00
Kconfig Merge branch 'dmaengine' into async-tx-next 2009-09-08 17:55:21 -07:00
linear.c md: report device as congested when suspended 2009-09-23 18:10:29 +10:00
linear.h md/linear: use call_rcu to free obsolete 'conf' structures. 2009-06-18 08:49:42 +10:00
Makefile md: drivers/md/unroll.pl replaced with awk analog 2009-10-16 16:25:19 +11:00
md.c md: fix small irregularity with start_ro module parameter 2010-01-28 15:02:18 -08:00
md.h md/bitmap: protect against bitmap removal while being updated. 2009-12-18 14:04:11 -08:00
mktables.c md/raid6: move raid6 data processing to raid6_pq.ko 2009-03-31 15:09:39 +11:00
multipath.c md: remove unnecessary memset from multipath. 2009-09-23 18:16:31 +10:00
multipath.h md: remove mddev_to_conf "helper" macro 2009-06-16 16:54:21 +10:00
raid0.c md: report device as congested when suspended 2009-09-23 18:10:29 +10:00
raid0.h md: remove mddev_to_conf "helper" macro 2009-06-16 16:54:21 +10:00
raid1.c md: revert incorrect fix for read error handling in raid1. 2009-12-01 17:30:59 +11:00
raid1.h md: remove mddev_to_conf "helper" macro 2009-06-16 16:54:21 +10:00
raid5.c md: fix 'degraded' calculation when starting a reshape. 2010-02-23 07:37:51 -08:00
raid5.h md: fix problems with RAID6 calculations for DDF. 2009-10-16 16:27:34 +11:00
raid6algos.c md/raid6: move raid6 data processing to raid6_pq.ko 2009-03-31 15:09:39 +11:00
raid6altivec.uc md: drivers/md/unroll.pl replaced with awk analog 2009-10-16 16:25:19 +11:00
raid6int.uc md: drivers/md/unroll.pl replaced with awk analog 2009-10-16 16:25:19 +11:00
raid6mmx.c md/raid6: move raid6 data processing to raid6_pq.ko 2009-03-31 15:09:39 +11:00
raid6recov.c md/raid6: move raid6 data processing to raid6_pq.ko 2009-03-31 15:09:39 +11:00
raid6sse1.c md/raid6: move raid6 data processing to raid6_pq.ko 2009-03-31 15:09:39 +11:00
raid6sse2.c md/raid6: move raid6 data processing to raid6_pq.ko 2009-03-31 15:09:39 +11:00
raid6x86.h md: fix typo in FSF address 2009-03-31 14:57:37 +11:00
raid10.c md: raid1/raid10: handle allocation errors during array setup. 2009-10-16 15:55:44 +11:00
raid10.h md: remove mddev_to_conf "helper" macro 2009-06-16 16:54:21 +10:00
unroll.awk md: drivers/md/unroll.pl replaced with awk analog 2009-10-16 16:25:19 +11:00